Skip to main content

Wireshark EUVDEUVD-2026-26331

| CVE-2026-6523 MEDIUM
Loop with Unreachable Exit Condition (Infinite Loop) (CWE-835)
2026-04-30 GitLab
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
SUSE
MEDIUM
qualitative
Red Hat
5.5 MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

6
Patch released
May 01, 2026 - 19:27 nvd
Patch available
Patch available
Apr 30, 2026 - 08:16 EUVD
Analysis Generated
Apr 30, 2026 - 06:46 vuln.today
EUVD ID Assigned
Apr 30, 2026 - 06:30 euvd
EUVD-2026-26331
Analysis Generated
Apr 30, 2026 - 06:30 vuln.today
CVE Published
Apr 30, 2026 - 05:34 nvd
MEDIUM 5.5

DescriptionCVE.org

GNW protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

AnalysisAI

Infinite loop in the GNW protocol dissector in Wireshark 4.6.0-4.6.4 and 4.4.0-4.4.14 causes denial of service when processing malformed packets. Local attackers with user interaction can craft malicious GNW traffic or files to exhaust CPU resources and freeze the application, preventing legitimate packet analysis and potentially disrupting network troubleshooting workflows.

Technical ContextAI

The vulnerability exists in Wireshark's GNW protocol dissector, a component responsible for parsing and displaying GNW protocol traffic within the GUI. The underlying issue is an infinite loop (CWE-835) triggered by improper input validation during protocol parsing. Dissectors in Wireshark run when the user opens or processes captured packets or PCAP files; a malformed GNW frame can cause the dissector to enter an infinite loop, consuming 100% CPU until the process is killed. The CPE indicates all versions of Wireshark are potentially affected, but the fixed version range is limited to 4.6.x and 4.4.x releases.

RemediationAI

Upgrade to Wireshark 4.6.5 or later, or to Wireshark 4.4.15 or later, which contain the patched GNW protocol dissector. Users unable to upgrade immediately should avoid opening PCAP files or live packet captures from untrusted sources, particularly those suspected to contain GNW protocol traffic. Additionally, disable or restrict access to the GNW protocol dissector if it is not required for your analysis workflows - Wireshark allows selective dissector enablement via Preferences > Protocols. Refer to the official Wireshark security advisory WNPA-SEC-2026-38 (https://www.wireshark.org/security/wnpa-sec-2026-38.html) for patch confirmation and the GitLab work item (https://gitlab.com/wireshark/wireshark/-/work_items/21177) for technical details.

Vendor StatusVendor

SUSE

Severity: Medium
Product Status
openSUSE Tumbleweed Fixed
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed
SUSE Linux Enterprise Module for Basesystem 15 SP7 Fixed
SUSE Linux Enterprise Module for Desktop Applications 15 SP7 Fixed

Share

EUVD-2026-26331 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy